diff options
-rw-r--r-- | docs/oom_quickstart_guide_helm3.rst | 2 | ||||
-rw-r--r-- | docs/oom_user_guide_helm3.rst | 2 | ||||
-rw-r--r-- | docs/requirements-docs.txt | 2 | ||||
-rw-r--r-- | docs/tox.ini | 22 | ||||
-rw-r--r-- | kubernetes/common/music/requirements.yaml | 3 | ||||
-rwxr-xr-x | kubernetes/common/music/resources/config/music-sb.properties | 2 | ||||
-rw-r--r-- | kubernetes/common/music/resources/keys/org.onap.music.jks | bin | 3635 -> 0 bytes | |||
-rw-r--r-- | kubernetes/common/music/resources/keys/truststoreONAPall.jks | bin | 117990 -> 0 bytes | |||
-rw-r--r-- | kubernetes/common/music/templates/deployment.yaml | 16 | ||||
-rw-r--r-- | kubernetes/common/music/values.yaml | 32 | ||||
-rw-r--r-- | tox.ini | 2 |
11 files changed, 32 insertions, 51 deletions
diff --git a/docs/oom_quickstart_guide_helm3.rst b/docs/oom_quickstart_guide_helm3.rst index 5a3076426e..e4d4736fef 100644 --- a/docs/oom_quickstart_guide_helm3.rst +++ b/docs/oom_quickstart_guide_helm3.rst @@ -203,7 +203,7 @@ single command To deploy all ONAP applications use this command:: > cd oom/kubernetes - > helm deploy dev local/onap --namespace onap --set global.masterPassword=myAwesomePasswordThatINeedToChange -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900s + > helm deploy dev local/onap --namespace onap --create-namespace --set global.masterPassword=myAwesomePasswordThatINeedToChange -f onap/resources/overrides/onap-all.yaml -f onap/resources/overrides/environment.yaml -f onap/resources/overrides/openstack.yaml --timeout 900s All override files may be customized (or replaced by other overrides) as per needs. diff --git a/docs/oom_user_guide_helm3.rst b/docs/oom_user_guide_helm3.rst index 08e9ec0d0b..2c1eeabe71 100644 --- a/docs/oom_user_guide_helm3.rst +++ b/docs/oom_user_guide_helm3.rst @@ -149,7 +149,7 @@ Then build your local Helm repository:: The Helm search command reads through all of the repositories configured on the system, and looks for matches:: - > helm search -l + > helm search repo local NAME VERSION DESCRIPTION local/appc 2.0.0 Application Controller local/clamp 2.0.0 ONAP Clamp diff --git a/docs/requirements-docs.txt b/docs/requirements-docs.txt index e14c784ee4..1c1895acf6 100644 --- a/docs/requirements-docs.txt +++ b/docs/requirements-docs.txt @@ -6,7 +6,7 @@ setuptools six sphinx_rtd_theme>=0.4.3 sphinxcontrib-blockdiag -sphinxcontrib-needs>=0.2.3 +sphinxcontrib-needs<0.6.0 sphinxcontrib-nwdiag sphinxcontrib-redoc sphinxcontrib-seqdiag diff --git a/docs/tox.ini b/docs/tox.ini deleted file mode 100644 index edac8c35fc..0000000000 --- a/docs/tox.ini +++ /dev/null @@ -1,22 +0,0 @@ -[tox] -minversion = 1.6 -envlist = docs, -skipsdist = true - -[testenv:docs] -basepython = python3 -deps = -r{toxinidir}/requirements-docs.txt -commands = - sphinx-build -b html -n -d {envtmpdir}/doctrees ./ {toxinidir}/_build/html - echo "Generated docs available in {toxinidir}/_build/html" -whitelist_externals = - echo - git - sh - -[testenv:docs-linkcheck] -basepython = python3 -#deps = -r{toxinidir}/requirements-docs.txt -commands = echo "Link Checking not enforced" -#commands = sphinx-build -b linkcheck -d {envtmpdir}/doctrees ./ {toxinidir}/_build/linkcheck -whitelist_externals = echo diff --git a/kubernetes/common/music/requirements.yaml b/kubernetes/common/music/requirements.yaml index a9566c1811..0a3c9315ab 100644 --- a/kubernetes/common/music/requirements.yaml +++ b/kubernetes/common/music/requirements.yaml @@ -22,3 +22,6 @@ dependencies: - name: repositoryGenerator version: ~7.x-0 repository: 'file://../repositoryGenerator' + - name: certInitializer + version: ~7.x-0 + repository: 'file://../certInitializer'
\ No newline at end of file diff --git a/kubernetes/common/music/resources/config/music-sb.properties b/kubernetes/common/music/resources/config/music-sb.properties index 751a351737..7a13f10d8e 100755 --- a/kubernetes/common/music/resources/config/music-sb.properties +++ b/kubernetes/common/music/resources/config/music-sb.properties @@ -6,7 +6,7 @@ server.tomcat.max-threads=100 #logging.file=/opt/app/music/logs/MUSIC/music-app.log #logging.config=file:/opt/app/music/etc/logback.xml security.require-ssl=true -server.ssl.key-store=/opt/app/aafcertman/org.onap.music.jks +server.ssl.key-store=/opt/app/aafcertman/local/org.onap.music.jks server.ssl.key-store-password=${KEYSTORE_PASSWORD} server.ssl.key-store-provider=SUN server.ssl.key-store-type=JKS diff --git a/kubernetes/common/music/resources/keys/org.onap.music.jks b/kubernetes/common/music/resources/keys/org.onap.music.jks Binary files differdeleted file mode 100644 index 35d27c3ef7..0000000000 --- a/kubernetes/common/music/resources/keys/org.onap.music.jks +++ /dev/null diff --git a/kubernetes/common/music/resources/keys/truststoreONAPall.jks b/kubernetes/common/music/resources/keys/truststoreONAPall.jks Binary files differdeleted file mode 100644 index ff844b109d..0000000000 --- a/kubernetes/common/music/resources/keys/truststoreONAPall.jks +++ /dev/null diff --git a/kubernetes/common/music/templates/deployment.yaml b/kubernetes/common/music/templates/deployment.yaml index cf0ce8f899..1e5d3c5377 100644 --- a/kubernetes/common/music/templates/deployment.yaml +++ b/kubernetes/common/music/templates/deployment.yaml @@ -38,19 +38,18 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + {{ include "common.certInitializer.initContainer" . | indent 8 | trim }} - command: - sh args: - -c - - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done" + - "export KEYSTORE_PASSWORD=$(cat /opt/app/aafcertman/local/.pass); cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done" env: - - name: KEYSTORE_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "music-keystore-pw" "key" "password") | indent 12}} - name: CASSA_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cassa-secret" "key" "login") | indent 12 }} - name: CASSA_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cassa-secret" "key" "password") | indent 12 }} - volumeMounts: + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - mountPath: /config-input name: properties-music-scrubbed - mountPath: /config @@ -87,7 +86,7 @@ spec: value: "{{ .Values.javaOpts }}" - name: DEBUG value: "{{ .Values.debug }}" - volumeMounts: + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - name: localtime mountPath: /etc/localtime readOnly: true @@ -100,9 +99,7 @@ spec: - name: properties-music-scrubbed mountPath: /opt/app/music/etc/logback.xml subPath: logback.xml - - name: certs-aaf - mountPath: /opt/app/aafcertman/ - volumes: + volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: shared-data emptyDir: {} - name: certificate-vol @@ -116,6 +113,3 @@ spec: - name: properties-music emptyDir: medium: Memory - - name: certs-aaf - secret: - secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "music-certs") }} diff --git a/kubernetes/common/music/values.yaml b/kubernetes/common/music/values.yaml index 31df352de7..25cab910a9 100644 --- a/kubernetes/common/music/values.yaml +++ b/kubernetes/common/music/values.yaml @@ -25,16 +25,6 @@ global: # Secrets metaconfig ################################################################# secrets: - - uid: music-certs - name: keystore.jks - type: generic - filePaths: - - resources/keys/org.onap.music.jks - - uid: music-keystore-pw - name: keystore-pw - type: password - password: '{{ .Values.keystorePassword }}' - passwordPolicy: required - uid: cassa-secret type: basicAuth login: '{{ .Values.properties.cassandraUser }}' @@ -115,8 +105,6 @@ debug: false ingress: enabled: false -keystorePassword: "ysF9CVS+xvuXr0vf&fRa5lew" - properties: lockUsing: "cassandra" # Comma dilimited list of hosts @@ -159,4 +147,22 @@ logback: metricsLogLevel: info auditLogLevel: info # Values must be uppercase: INFO, WARN, CRITICAL,DEBUG etc.. - rootLogLevel: INFO
\ No newline at end of file + rootLogLevel: INFO + +#sub-charts configuration +certInitializer: + nameOverride: music-cert-initializer + fqdn: "music.onap" + app_ns: "org.osaaf.aaf" + fqi: "music@music.onap.org" + fqi_namespace: org.onap.music + public_fqdn: "music.onap.org" + aafDeployFqi: "deployer@people.osaaf.org" + aafDeployPass: demo123456! + cadi_latitude: "0.0" + cadi_longitude: "0.0" + credsPath: /opt/app/osaaf/local + appMountPath: /opt/app/aafcertman + aaf_add_config: > + cd {{ .Values.credsPath }}; + /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password_jks= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1; @@ -17,7 +17,7 @@ commands = [testenv:docs] deps = -rdocs/requirements-docs.txt commands = - sphinx-build -W -b html -n -W -d {envtmpdir}/doctrees ./docs/ {toxinidir}/docs/_build/html + sphinx-build -W -b html -n -d {envtmpdir}/doctrees ./docs/ {toxinidir}/docs/_build/html [testenv:docs-linkcheck] deps = -rdocs/requirements-docs.txt |